Sylius
cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*
- <= 1.9.11
- >= 1.10.0, <= 1.10.15
- >= 1.11.0, <= 1.11.16
- >= 1.12.0, <= 1.12.22
- >= 1.13.0, <= 1.13.14
- >= 1.14.0, <= 1.14.17
- >= 2.0.0, <= 2.0.15
- >= 2.1.0, <= 2.1.11
- >= 2.2.0, <= 2.2.2
A moderate open redirect vulnerability has been identified in Sylius, an open-source eCommerce framework built on Symfony. The issue arises in the CurrencySwitchController, ImpersonateUserController, and StorageBasedLocaleSwitcher, all of which use the HTTP Referer header for redirection. This vulnerability can be exploited by tricking a user into clicking a link on an attacker-controlled page, which then redirects back to the attacker's site, potentially leading to phishing or credential theft. Public endpoints are easily exploitable, while admin-only endpoints require an authenticated session.
Exploitation of this vulnerability allows for open redirection, where users are redirected to an attacker-controlled site, potentially leading to phishing or credential theft.
To address this vulnerability, update Sylius to version 1.9.12, 1.10.16, 1.11.17, 1.12.23, 1.13.15, 1.14.18, 2.0.16, 2.1.12, or 2.2.3 or later of the respective release branch. If an immediate update is not possible, the affected controllers can be copied into the project's source directory, modified to remove the referer-based redirection, and their service definitions overridden so that the modified copies are used instead of the vendor ones.
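One way to keep a "return to previous page" redirect without trusting the Referer blindly, shown here as an added example and not Sylius' own code: accept the Referer only when its origin (scheme, host and port) matches the current request, and otherwise fall back to a named route. The class name, the fallback route parameter, and the use of Symfony's Request and UrlGeneratorInterface are assumptions for the sake of the example.

```php
<?php
// Added example (not Sylius' own code): same-origin check for Referer-based redirects.
// Assumes Symfony HttpFoundation and Routing; the class and route names are assumptions.

declare(strict_types=1);

use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;

final class SafeRefererRedirector
{
    public function __construct(private UrlGeneratorInterface $urlGenerator)
    {
    }

    /**
     * Returns the Referer only when it points back to this application's own
     * origin; an absent, malformed, protocol-relative, userinfo-carrying or
     * foreign-origin value falls back to the named route instead.
     */
    public function safeTarget(Request $request, string $fallbackRoute): string
    {
        $referer = (string) $request->headers->get('referer', '');
        $parts = parse_url($referer);

        // parse_url() returns false on badly malformed input; "//evil.example"
        // has a host but no scheme; "javascript:..." has a scheme but no host.
        if ($parts === false || !isset($parts['scheme'], $parts['host']) || isset($parts['user'])) {
            return $this->urlGenerator->generate($fallbackRoute);
        }

        // Exact origin comparison: "https://shop.example.evil.example" and
        // "https://shop.example@evil.example" both fail here.
        $refererOrigin = strtolower($parts['scheme'] . '://' . $parts['host'])
            . (isset($parts['port']) ? ':' . $parts['port'] : '');

        if ($refererOrigin !== strtolower($request->getSchemeAndHttpHost())) {
            return $this->urlGenerator->generate($fallbackRoute);
        }

        return $referer;
    }

    public function redirectBack(Request $request, string $fallbackRoute): RedirectResponse
    {
        return new RedirectResponse($this->safeTarget($request, $fallbackRoute));
    }
}
```

A Referer that spells out the default port explicitly (for example `https://shop.example:443/`) will not match `getSchemeAndHttpHost()`, which omits default ports, and so takes the fallback route; that is a safe failure rather than a bypass.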